summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTails developers <amnesia@boum.org>2014-04-11 12:12:16 +0000
committerTails developers <amnesia@boum.org>2014-04-11 12:12:52 +0000
commitbba65d4a639b5794de757c2945cf6f0889541bb2 (patch)
tree45e4c61056d6e8f58615680db4c0bc2788004710
parent5ce56ce4329b91bf5bd304e7c02daf39d78b223e (diff)
Add meeting minutes.
-rw-r--r--wiki/src/contribute/meetings/201404.mdwn78
1 files changed, 78 insertions, 0 deletions
diff --git a/wiki/src/contribute/meetings/201404.mdwn b/wiki/src/contribute/meetings/201404.mdwn
new file mode 100644
index 0000000..6ee5dae
--- /dev/null
+++ b/wiki/src/contribute/meetings/201404.mdwn
@@ -0,0 +1,78 @@
+[[!meta title="April 2014 online meeting"]]
+
+[[!toc levels=1]]
+
+# Including nautilus-gtkhash?
+
+[[!tails_ticket 6763]]
+
+The feature seems sound to have in Tails, and there is apparently no
+alternative in Debian. nautilus-gtkhash seems well maintained in
+Debian, has been tested on Tails/Wheezy, and installing it in there
+only requires to download 89kB of .deb's.
+
+So, we decided to install it in Tails 1.1.
+
+# Keep CACert.org's root certificate in the web browser?
+
+[[!tails_ticket 6966]]
+
+* basically nobody cares much about it
+* nobody volunteered to re-add this certificate and maintain the patch
+* when it disappeared from Tails for 6 weeks ([[!tails_ticket 6704]]),
+ nobody complained for other reasons that blocked access to
+ labs.riseup.net (that was temporarily using a cacert-issued
+ certificate, and had HSTS enabled)
+
+=> we won't reintroduce this root certificate ourselves in Tails.
+
+# Make homepage point to a local file like torbrowser
+
+[[!tails_ticket 7023]]
+
+* using a local homepage (with links to key pages) would make it less
+ likely that users read our news, and people who see the "not enough
+ memory to check for upgrades" thing won't know that there's a new
+ Tails available.
+* if our website is compromised (either locally, or via SSL MitM with
+ help from a rogue CA), then we have many other problems: e.g.
+ the attacker can block all kinds of security update notifications
+ (incremental upgrades, security check) forever, trick users to
+ download random ISOs, etc.
+* we could configure NoScript to block JavaScript on tails.boum.org,
+ and mitigate the concern about exploitation of the browser via JS on
+ the homepage; OTOH, not all firefox security issues require JS, so
+ it doesn't really solve much of the problem.
+
+=> this needs research, to find a good solution.
+
+# Gather opinions on the "Broken Window" --> "Hole in the Roof" proposal
+
+We decided to go with "Hole in the Roof".
+
+# Shall we produce Tails t-shirts?
+
+Here we want to gather people's opinion and feelings. The decision
+will be made later, and possibly by the core team only.
+
+* pros we had before starting discussing: that could bring some money
+ into project, we will surely find people interesting in buying and
+ wearing one, it will make Tails visible in geek events
+* cons we had before starting discussing: that's not our core
+ business, why should we produce cloth, we don't want to encourage
+ this kind of consumerism
+* someone is not in favour, won't spend any time on it, but won't cry
+ nor block
+* someone suggests we produce (virgin) USB sticks first
+* someone thinks it's a nice way to get some money into the project
+* someone suggest to outsource to a web-store
+* someone else suggests to only sell ourselves at conferences
+* someone notes that it is extremely unlikely to ever be a significant revenue source,
+ and adds that it's about taking on some amount of work for the sake
+ of promotion and 'community feeling'
+* someone suggests we print a few cheap one's for 31c3 and see how it
+ goes, e.g, give them to contributors of the year 2014
+* someone suggests we could have friends do DIY screen printing
+* someone says: if somebody wabts to do it, great.
+* it's noted that if we go for it, next step is to draw and submit
+ a budget